Windows, Oddity with Schtasks.exe, and falsely reported error.

If you run a command like this, it works fine against any remote machine:

    schtasks.exe /query /s SomePC /U MyAccount /P XXXXX

If you try to point it back at your own machine, you get an error message:

    ERROR: User credentials are not allowed on the local machine.

BUT this is actually FALSE!!!

You get the same message whether you are pointing by name (with or without domain), a real IP, 127.0.0.1 or “localhost”.

IF you get the crazy idea to add an entry to your \Windows\System32\Drivers\etc\hosts file that has your PC’s IP and any name, e.g.

    1.2.3.4   MyOwnPCAlias.Something.Never.Used

THEN the command works with that IP, but still not with the rest (nor with the alias):

    schtasks.exe /query /s 1.2.3.4 /U MyAccount /P XXXXX

This trick proves that it is NOT a limitation in the WinRM protocol or in schtasks.exe, but an erroneous error message: someone prohibited something that technically works just fine… (And is useful with other credentials!)

With the trick, I guess the program makes a reverse lookup on the IP, detects that it is not the current PC name, and then proceeds to process the call through WinRM and not locally…

The bug and the trick apply to both stand-alone machines and machines in a domain. (It only works for a real IP, not 127.0.0.1, though.)

I stumbled upon it while inventorying a range of PCs with an administrative account, and found I was prohibited from querying the running machine with schtasks.exe, and in a desperate attempt I tried an alias, only to detect that it did not work either, but then accidentally executed with the IP again before removing the hosts entry…
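
An inventory loop can avoid the error without editing the hosts file by detecting when a target is the machine it runs on and dropping /s, /U and /P for that one query (which then runs as the current user, not with alternate credentials). This is an added example, not code from the original post; the function names Test-IsLocalTarget and Get-TaskInventory, the /fo CSV output choice and the sample call are assumptions.

```powershell
# Added example: function names are hypothetical, not part of schtasks or Windows.
function Test-IsLocalTarget {
    param([Parameter(Mandatory)][string]$Target)

    # Addresses bound to this machine, plus loopback.
    $localAddrs = @([System.Net.Dns]::GetHostAddresses([System.Net.Dns]::GetHostName()) |
                    ForEach-Object { $_.ToString() })
    $localAddrs += '127.0.0.1', '::1'

    # Target given as an IP: compare directly, no name resolution involved.
    $ip = $null
    if ([System.Net.IPAddress]::TryParse($Target, [ref]$ip)) {
        return $localAddrs -contains $ip.ToString()
    }

    # Name forms: localhost, the bare computer name, or an FQDN whose first label
    # is the computer name (assumption: no other host shares that short name).
    if ($Target -eq 'localhost' -or $Target.Split('.')[0] -eq $env:COMPUTERNAME) {
        return $true
    }

    # Any other name: resolve it and compare addresses (also catches hosts-file aliases).
    try {
        $resolved = [System.Net.Dns]::GetHostAddresses($Target) | ForEach-Object { $_.ToString() }
    } catch {
        return $false   # unresolvable: treat as remote and let schtasks report the failure
    }
    return [bool]($resolved | Where-Object { $localAddrs -contains $_ })
}

function Get-TaskInventory {
    param([string[]]$Targets, [string]$User, [string]$Password)

    foreach ($t in $Targets) {
        if (Test-IsLocalTarget $t) {
            # Local machine: schtasks rejects /U and /P here, so query as the current user.
            $out = & schtasks.exe /query /fo CSV 2>&1
        } else {
            $out = & schtasks.exe /query /s $t /U $User /P $Password /fo CSV 2>&1
        }
        [pscustomobject]@{ Target = $t; Local = (Test-IsLocalTarget $t)
                           ExitCode = $LASTEXITCODE; Output = $out }
    }
}

# Constructed sample call; SomePC, MyAccount and XXXXX are the post's placeholders.
# Get-TaskInventory -Targets 'SomePC', 'localhost' -User 'MyAccount' -Password 'XXXXX'
```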